Take all the printable/allowable characters and create a random string with them. The longer the string the better your password.

IMHO, the worst password is most likely "password"

>Take all the printable/allowable characters and create a random
>string with them. The longer the string the better your password.
That's the logic for a secure password. A good password is sufficiently secure while still being memorable. Logic for a good password would be a phrase that meets the requirements for a strong password but is easy to remember:

"My favorite number is 23728. How about that?"

Upper and lower case letters, numbers, and punctuation combined into 44 characters is definitely considered a strong password.

~~~ A good password is sufficiently secure while still being memorable.

You are of course correct, Narue.

I often take my birthyear and center it with my favorite food. Something like "19kumquat84"

I often use the same base password, then each account has its own variation.

One summer job I had they forced you to change your password once a week. So I simply took my GF's name and added each starting Monday's date to it.

You are of course correct, Narue.

I often take my birthyear and center it with my favorite food. Something like "19kumquat84"

Thanks I was wondering how to hack you...

Seriously, I take a phrase that expresses a personal feeling about the thing I', signing up for, then I do something strange with it. Like pop the vowels and convert the whitespace to dots, or change all t to 7 or something totally retarded but retainable at the same time...

You are of course correct, Narue.

I often take my birthyear and center it with my favorite food. Something like "19kumquat84"

this post reminded me of good times

That said, the easy-to-remember is important and not a word is important. Another example I've seen is taking something like "4 score and 7 years" and turning it into 4s&7y, or using mixing in some 1337, so that awesomepassword becomes 4w3$0m3|>a5$w0rd.

There's also ongoing research into alternates to text-based passwords, such as using a sequence of images (e.g. given 9, select the correct one, and have a sequence of, say 4), or using inkblots to help users remember strong passwords.

123456 is rather common aswell.

Here are some ideal passwords I have used in the past...

password
passwordhere
robmeblindcosiamsuchanoob

And some not so great ones...

random numbers and letters (how will you remember (Are you getting this Infarction?))
your date of birth (if on a time machine: it might change)
willy (not long enough, well at least in not for you!)

"Admin" is a common one along with "Password" and i have seen "noob" as a password :D

To make a good password, make it out of things that only you would know, and make it out of at least the main letters, numbers and some punctuation. But the best passwords are scattered with random characters.

There are two requirements for a good password:

1. Nobody else would think of it

2. You can remember it

My biggest problem is that I have 12 accounts with different passwords. I keep forgetting which one goes with which account.

I think it would be better to have multiple short passwords, instead of a longer password. Of course, the software must not give clues by rejecting as soon as one password is bad. It should wait until the last one is entered.

First choice: absolutely random and lots of digits. Something that even you can't figure out or remember.
Second choice: the best combination of "tricks" you can acquire/create/steal that works; accessable to you, but not accessable nor guessable to anyone or anything else.

combine:
Something you have.
Something you know.
Something you are.

"Are" requires biometrics of some form. If you can, USE IT.

"Know" is far more predictable than you think (d.o.b., anniversary, mother's maiden, etc.)

My advice, incorporate something you have. I juggle many systems/licenses, so I include the middle 5 digits of my XP reg. key as PART of my admin password for a box. You might use; the first 4 digits of an ATM/Credit card you ALWAYS carry, or the SN on a pocket knife/USB drive/lock key, that you ALWAYS carry.
AND NO POST-ITs on your MONITOR!!! Though a post-it with the the middle 5 digits of my XP reg. key (a minor PART of my password), is relatively safe.

Use your imagination. The people trying to steal it are.

Something like W2L0C0M8E, see?

Again, I come in after the discussion has started.

Addressing the original request:
Logic is the last thing you want to use to create a password. If it's logical, it ISN'T good.

what is the best logic to make a good password?

Logic is the last thing you want to use to create a password. If it's logical, it ISN'T good.

Or that logic should not strike to anyone else. A good pasword may be logical but unpredictable. (for anyone except the user)

Chuck Norris.:twisted:

Chuck Norris.:twisted:

Chuck Norris doesn't need to hack passwords... he just brute forces them with a roundhouse kick to the face!

Sorry, couldn't resist :D

There are a couple tricks to use that could help:
color+noun+special char (replace one of the letters with a # like 6 for 'o' or 1 for 'i') and have a representation around your desk somewhere - you know all those ty collectables hanging off of geek computers were often password clues. I look over at my cork board now and I see:
a pink ribbon pin, silver skulls, a pic of me standing in the 'drive thru tree' when I visited the 'drive through the tree state park' in California, a white snowflake and loads of old picture badges -- heck, there is my old passport from when I went to Australia and Fiji. If you have a cluttered life like me, you could have your password right out in the open and no one would see it.

When I was a system manager of VAX Cluster with forced p/w changes monthly, we kept a collection of those books of definitions that are not actual word but should be (I forget what they were called). There were 5 volumes in our library so when the password was changed, a message was sent to the team with a string like "4 15 2" which would translate as 4th volume 15th page, 2nd definition. That was back in the good old days when the 128 digit prime # would require 500,000 days to break (also the VAX/VMS system would stop accepting login attempts after 3 but not tell you that it stopped so you could hack all day and never get in)

Oh Gawd! does anyone out there even remember VAXes? How about Amigas?

Sigh! What a pain it is getting old ( but much better than the alternative)

My boss (typical male) hits the q key six times and counts it out loud. That might be just stupid enough to be good.

Let's hope he never gets to this forum.